One of the things that kept me from the change to SSL was that my hosting company, Pair.com, did not have any nice (convenient) way to use the free Let’s Encrypt SLL certificates.
Pair now offers an easy one click interface to set up SSL and they automatically renew the certificates, so there’s really no excuse to not do it.
Sign up for Pair.com now and enjoy 20% off your first pair Networks bill! Use code:
What does the interface look like? You go to the Manage Your SSL page and look for the button next to your domain name that says:
Click the Let’s Encrypt button and you’re good to go!
After a few minutes (so that you think the computer was doing some really difficult task) it’ll present you with your domain name with a super-intelligent shade of green lock next to it. All done with the easy part!
Now for the less easy part…
The best directions I found for dealing with the WordPress site itself were at https://www.wpbeginner.com/
Their reasoning for why you want to do it manually is sound. Perhaps there are new, better plugins to handle this — but there are always new plugins…
Everything works like they say, so there’s no point stealing their thunder when they’ve written an excellent article.
I tried some other plugin (recommended in some other article) and it sorta didn’t actually change everything to https. Even though it was supposed to. Better Search Replace by Delicious Brains (which is what https://www.wpbeginner.com/ recommended) worked perfectly.
Note: They suggested the following:
Upon activation, you need to visit Tools » Better Search Replace page. Under the ‘Search’ field, you need to add your website URL with
http. After that, add your website URL with https under the ‘Replace’ field.
I did that and still couldn’t get a padlock on the site. Too many insecure references.
So instead I ran the Better Search Replace again, but replacing ALL http: with https: (no domain name mentioned). This caught thousands of things and made almost everything work.
Using their suggestion of using the inspect tool, I was able to find the few straggling insecure items. (More on this when I get to the part about the theme.)
The 4 Parts of this Series
Part 1 – cleaning out old (ancient) plugins that aren’t relevant or useful anymore
Part 2 – actually updating the database etc. inside WordPress to use https
Part 3 – updating to a modern, mobile-friendly theme
Part 4 – dealing with some robots.txt etc. plugin conflict